Candidate: Nusa Zidaric
Title: Automated hardware implementations of finite field applications
Date: October 30, 2019
Time: 1:30 PM
Place: EIT 3145
Supervisor(s): Aagaard, Mark D. - Gong, Guang
Many cryptographic primitives are based on finite field arithmetic. The most famous example is the. the block cipher AES (Advanced Encryption Standard), other examples include elliptic curve cryptography, SNOW3G stream cipher, or the WG stream cipher family, to name just a few. Efficient hardware implementations were already desirable in the past, e.g. for cryptographic co-processors, and are now receiving even more attention with the advent of lightweight cryptography, targeting constrained environments, e.g. for IoT (Internet of Things).
The design flow for digital hardware can be roughly divided into four phases: the algorithm design, the architectural decisions phase, the (automated) design entry and implementation phase and the optimizations phase. This seminar will briefly present the architectural decisions phase and mainly focus on identifying the problems of the automated design entry and implementation and present their solutions.
The architectural decisions phase includes the coarse architectural decisions, e.g. sequential or combinational design, and decisions related to finite field arithmetic, e.g. the field size and basis for the representation of the field elements. After all the parameters and algorithms for the finite field arithmetic operations have been chosen, the design decisions can be finalized. The goal of the automated design entry and implementation phase is the design entry (using VHDL), which yields a fully functional hardware module. This automation step comes with many challenges, arising from the intersection of two worlds, namely the finite field arithmetic and the hardware design. This phase is nicknamed “math meets hardware”. For example, a very simple mind-leap is to view a finite field as a vector space (given a basis). While computer algebra systems can do both, the VHDL always needs a selected basis: it can only use bit-vectors for signals, and is unaware of the mathematical interpretations of individual bits. This problem will be presented as variable binding. We will present a classification of expressions based on their underlying finite field and the degree of monomials and show how this helps to build an arbitrary datapath, including submodule extraction and operation binding.
200 University Avenue West
Waterloo, ON N2L 3G1